Monthly Archives: June 2015

Karbonn Sparkle V & Android One

Leave a reply

Android One

Android One is a label that targets emerging markets. It specifies the minimum hardware requirements that a smartphone must have to be supported for 2 years by Google. This is one of the major opportunities for us in Mauritius. Some of you may think that it's too good to be true, but it exists, as I got myself an Android One phone !

Karbonn Sparkle V

I bought an android-one certified phone from an Indian Manufacturer Karbonn. Mine is the Karbonn Sparkle V. When I got it, It was still on Android 4.4. As soon as I configured the wifi, It offered the possibility to be updated to Android 5.0 . Many high end phones are still shipping with Android 4.4 today without any updates to Android 5.0. sparkle


  • Display size: 4.5 inches
  • CPU: Quad-core 1.3 GHz Cortex-A7
  • Internal memory : 2GB
  • GPU: Mali-400MP2
  • RAM: 1GB
  • Camera (back): 5 MP, 2592 х 1944 pixels, autofocus, LED flash
  • Camera (front): 2MP
  • GSM: 2G, 3G, 4G



User experience

Yesterday night, I updated to Android 5.1.1. UX-wise, the phone is very responsive, and snappy. My only complaint would be the lack of internal storage space. I think that 4GB would have been better. Another version of the Sparkle is currently brewing. I hope that Google bumps the hardware specs for the next Android One label. The price is very competitive: Rs 5700-5900 depending on where you buy it. Overall, I'm very happy with my purchase, and I definitely plan to buy another Android One phone at the end of this year.


Android One firmware

firmware

It is worth pointing out that Google offers 2 years of firmware update support. This is fantastic, as I get the equivalent of a Google Nexus phone, at a much more reasonable price. This is the major win for the Android One phones. Unlike manufacturers that tend to ignore firmware updates after 6 month, Google makes a smart move here.




--Logan

Improving NTP security against overflows

Leave a reply

Saving the world ... on time !

ntp_intro

The Network time protocol is a standard which is used to keep our computer's time accurate. The science involved in keeping clocks ticking on computers is far more complex than most people would assume.

As a comparison: The number of lines of code for University of Delaware NTP implementation -- which is the most widely deployed NTP software -- is slightly less than the source code of Internet Software Consortium's BIND product. I will spare us the details of the hair-pulling mathematics involved :)

Security record of Delaware NTP

I do not want to criticise the work of the past NTP developers. I am merely looking at the list of past vulnerabilities:

  • Buffer overflow in crypto_recv()
  • Buffer overflow in ctl_putdata()
  • Buffer overflow in configure()

So what is a buffer overflow ? Let's use a picture to illustrate this:

buffer_overflow

As we can see here: The attacker keeps putting more sugar in the pan until it literally overflows. In computers, you can do the same thing. You can put more input than the storage location can accept, and you essentially overflow its content to the next adjcent storage location. There's one difference however: if you are smart, you can use the overflowing "sugar" to take control of the remote computer ! This is one of the classic ways to crack into a remote computer such as an NTP server, a Mac OS X laptop, or even a windows laptop. For geeks, you can put some "magic" in the overflowing sugar that executes "/bin/bash" and you can then run whatever you want on the NTP service.

Defeating overflows

I have extended the NTP memory allocator -- a manager which is in charge of allocating storage space in live memory -- and added an additional function that checks for buffer overflows that occur under certain conditions, namely multiplication. As I said previously, a lot of NTP involves complex mathematical calculations that can lead to vulnerabilities. This defeats an entire class of buffer overflows in NTP. Due to the large number of products that use University of Delaware NTP software, this is a significant step towards improving the Internet Security at large !

To put it in more simpler terms: We prevent the attacker from overflowing the pan with sugar. We have detectors in place that signal to the chef that something went wrong in the kitchen.

List of products using University of Delaware NTP software

I have attempted to list a few well known products which use University of Delaware NTP software. This is by no means, exhaustive:

  • Various CISCO products.
  • RedHat/CentOS Linux.
  • Ubuntu Linux.
  • Apple Macbooks.
  • And many others


--Logan

Android One camera issue

Leave a reply

Android One camera freeze

wedding

While attending a wedding today, I wanted to use my camera to record videos. When I switched to video mode, The application froze. Android reported that it was not able to connect to the camera.

Dark Powers of Linux to the rescue

Since Android was running a Linux kernel, I knew from experience that this was very likely a device driver module. Of course, since I did not have full access to the android kernel message log, I knew that it was based on my instinct :)

I still wanted to record the speeches about the responsibilities of Marriage from the gentleman who took his time to lecture the newly wed couple. So, I knew that I had to find a way to reset the camera. My idea was since I had switched to video mode before it froze, it probably remained in that state. I quickly killed the application, and reloaded it . Unsurpringly, it started directly in recording mode. I just had to click on record, and it did the trick.

My theory is that switching back and forth from camera to photo mode causes the driver to hang up with the Android kernel. Since my phone is supported by Google, I sent a report to them on the phone itself, including how to reproduce it :)

Google Android One rocks

Thanks to the support from Google, I can send bug reports to them, as the phone is supported for 2 years. Unlike other phone manufacturers, it's much better in my humble opinion.



--Logan

Getting the job done with Vim

Leave a reply

Last Friday, Cyril pinged for an after-office beer party. It’s all legitimate for a Friday evening :-)

beer-party-talk

At my workplace I in-turn bugged Kaviraj, a networking fellow who enjoys the usual geek talks.

We finished work and reached Flying Dodo some time after 19h00. Cyril and the others had taken the table outside. We could that way enjoy the cozy weather, not too warm neither cold, listen to the live band and have a chilled beer. To make it more fun I asked for pizza.

A while later Mike joined us. Kaviraj, Mike and I got into some fun chatting about CLI tools. Mike was talking about “vi” and we shared the handy tricks when editing config files.

Commenting multiple lines in Vim

To toggle between line numbering and without line numbers, do :set nu and :set nu!. The line numbers are useful when editing config files, say when you need to comment a block of directives (e.g from line 15 to 25). You would do :15,25s/^/#/g to comment and commenting out would be :15,25s/^#//g.

In-line replacement of a word

At times you find a long word in a line which you need to replace. While your cursor is at the beginning of the word, you press cw and enter the new word. It’s replaced. Is it difficult to remember cw ? Just remember “change word” :-)

Saving with “root” privilege

Ever edited a file and while saving you realise you actually require super-privilege? It happens when you are tinkering as a regular user and the file is owned by root. If you’re a sudoer then the following could save you time:

:w !sudo tee %

The ! symbol allows you to execute shell commands and the % signifies the current file. We’re thus saying update by sending the content to the current file with sudo privilege.

Find and replace

To trigger a find we could simply do /theword and press n to hop to the next occurrence of the word. We could search the whole file for a particular word and replace all occurrences:

:%s/theword/anotherword/g

We could also limit the find & replace within a block of lines.

:15,25s/theword/anotherword/g

For more fine-tuning of the search, regular expressions would come handy.

Kaviraj & I left Flying Dodo at 21h00. That was a short moment having a geek chit-chat with like-minded folks.

Getting the job done with Vim

Leave a reply

Last Friday, Cyril pinged for an after-office beer party. It’s all legitimate for a Friday evening :-)

beer-party-talk

At my workplace I in-turn bugged Kaviraj, a networking fellow who enjoys the usual geek talks.

We finished work and reached Flying Dodo some time after 19h00. Cyril and the others had taken the table outside. We could that way enjoy the cozy weather, not too warm neither cold, listen to the live band and have a chilled beer. To make it more fun I asked for pizza.

A while later Mike joined us. Kaviraj, Mike and I got into some fun chatting about CLI tools. Mike was talking about “vi” and we shared the handy tricks when editing config files.

Commenting multiple lines in Vim

To toggle between line numbering and without line numbers, do :set nu and :set nu!. The line numbers are useful when editing config files, say when you need to comment a block of directives (e.g from line 15 to 25). You would do :15,25s/^/#/g to comment and commenting out would be :15,25s/^#//g.

In-line replacement of a word

At times you find a long word in a line which you need to replace. While your cursor is at the beginning of the word, you press cw and enter the new word. It’s replaced. Is it difficult to remember cw ? Just remember “change word” :-)

Saving with “root” privilege

Ever edited a file and while saving you realise you actually require super-privilege? It happens when you are tinkering as a regular user and the file is owned by root. If you’re a sudoer then the following could save you time:

:w !sudo tee %

The ! symbol allows you to execute shell commands and the % signifies the current file. We’re thus saying update by sending the content to the current file with sudo privilege.

Find and replace

To trigger a find we could simply do /theword and press n to hop to the next occurrence of the word. We could search the whole file for a particular word and replace all occurrences:

:%s/theword/anotherword/g

We could also limit the find & replace within a block of lines.

:15,25s/theword/anotherword/g

For more fine-tuning of the search, regular expressions would come handy.

Kaviraj & I left Flying Dodo at 21h00. That was a short moment having a geek chit-chat with like-minded folks.